Mambo Open Source 4.6 - 'Itemid' Cross-Site Scripting | Gerki | Теневой Форум про Заработок и ИБ

Exploiter

Хакер

21 Дек 2022

EDB-ID: 23657

Проверка EDB

Пройдено

Автор: DAVID SOPAS FERREIRA

Тип уязвимости: WEBAPPS

Платформа: PHP

CVE: cve-2004-2072

Дата публикации: 2004-02-05

Код:

source: https://www.securityfocus.com/bid/9588/info

It has been reported that Mambo Open Source may be prone to a cross-site scripting vulnerability that may allow a remote attacker to execute arbitrary HTML or script code in a user's browser. The issue exists in the 'Itemid' parameter of 'index.php' script.

Mambo Open Source version 4.6 has been reported to be prone to this issue, however, other versions may be affected has well.

http://www.example.com/index.php?option=content&task=view&id=1&Itemid="><script>alert(document.domain);</script>

Источник: www.exploit-db.com

Поиск

Exploit Mambo Open Source 4.6 - 'Itemid' Cross-Site Scripting

Exploiter

Похожие темы